cgroup: release css->id after css_free
authorVladimir Davydov <vdavydov@parallels.com>
Thu, 12 Feb 2015 22:59:26 +0000 (14:59 -0800)
committerLinus Torvalds <torvalds@linux-foundation.org>
Fri, 13 Feb 2015 02:54:09 +0000 (18:54 -0800)
Currently, we release css->id in css_release_work_fn, right before calling
css_free callback, so that when css_free is called, the id may have
already been reused for a new cgroup.

I am going to use css->id to create unique names for per memcg kmem
caches.  Since kmem caches are destroyed only on css_free, I need css->id
to be freed after css_free was called to avoid name clashes.  This patch
therefore moves css->id removal to css_free_work_fn.  To prevent
css_from_id from returning a pointer to a stale css, it makes
css_release_work_fn replace the css ptr at css_idr:css->id with NULL.

Signed-off-by: Vladimir Davydov <vdavydov@parallels.com>
Cc: Johannes Weiner <hannes@cmpxchg.org>
Cc: Michal Hocko <mhocko@suse.cz>
Acked-by: Tejun Heo <tj@kernel.org>
Cc: Christoph Lameter <cl@linux.com>
Cc: Pekka Enberg <penberg@kernel.org>
Cc: David Rientjes <rientjes@google.com>
Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com>
Cc: Dave Chinner <david@fromorbit.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
kernel/cgroup.c

index 04cfe8ace52088a4c5ed092c389d08fd99117b19..d5f6ec251fb2bcd9df4ac751ea142a9454e25eb1 100644 (file)
@@ -4373,16 +4373,20 @@ static void css_free_work_fn(struct work_struct *work)
 {
        struct cgroup_subsys_state *css =
                container_of(work, struct cgroup_subsys_state, destroy_work);
+       struct cgroup_subsys *ss = css->ss;
        struct cgroup *cgrp = css->cgroup;
 
        percpu_ref_exit(&css->refcnt);
 
-       if (css->ss) {
+       if (ss) {
                /* css free path */
+               int id = css->id;
+
                if (css->parent)
                        css_put(css->parent);
 
-               css->ss->css_free(css);
+               ss->css_free(css);
+               cgroup_idr_remove(&ss->css_idr, id);
                cgroup_put(cgrp);
        } else {
                /* cgroup free path */
@@ -4434,7 +4438,7 @@ static void css_release_work_fn(struct work_struct *work)
 
        if (ss) {
                /* css release path */
-               cgroup_idr_remove(&ss->css_idr, css->id);
+               cgroup_idr_replace(&ss->css_idr, NULL, css->id);
                if (ss->css_released)
                        ss->css_released(css);
        } else {